I had a lot of fun playing HITCON CTF this weekend so I decided I would make writeups for the challenges I worked on. In this post I provide my solutions for callme, rsbo, ty and sha1lcode. Since stkof was a more serious binary, I decided to make a seperate post for it which can be found here. callme callme: ELF 32-bit LSB executable, Intel 80386,…

This past weekend I took part in the Defcon Quals 2014 and one of the challenges I worked on that I really liked was the "turdedo" (Selir 3) challenge so I decided to make a writeup for it. I worked on this challenge with @zardus and @antoniob. Description The challenge claims to implement the teredo IPv6 tunneling protocol. I had never heard of th…

This writeup was originally posted on my github Description Not sure exactly what the module does, but it's a misc device that does things with structs, arrays, linked lists and stuff. The vulnerability We have the following relevant code excerpts: #define MAX_CONSUMERS 255 struct csaw_buf { unsigned long consumers[MAX_CONSUMERS]; // [1]…